OCR Alert – Postcard Advertisement Disguised as Official OCR Communication

April 27, 2021 / HIPAA

scam for OCR alert

Some healthcare organizations have received postcards that appear to be from the OCR that they are required to participate in a “Required Security Risk Assessment” and they are to send their risk assessment to a website.

This is not from the OCR or the U.S. Department of Health and Human Services, it is an advertisement from a private company.  Please alert your workers and always verify that websites and email addresses are safe before clicking or submitting any information. Communications via email from HHS/OCR will end in @hhs.gov. The official website for HHS/OCR is www.hhs.gov/ocr.

If you receive a postcard or other communication like this, report it to HHS right away – https://www.hhs.gov/ocr/about-us/contact-us/index.html

Back to TMC Blog Gallery